Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 5 Jan 2001 12:31:33 -0800
From:      Alfred Perlstein <bright@wintelcom.net>
To:        Artem Koutchine <matrix@ipform.ru>
Cc:        "David G. Andersen" <dga@pobox.com>, questions@FreeBSD.ORG
Subject:   Re: Antisniffer measures (digest of posts)
Message-ID:  <20010105123133.I15744@fw.wintelcom.net>
In-Reply-To: <005601c07755$b0604ac0$0c00a8c0@ipform.ru>; from matrix@ipform.ru on Fri, Jan 05, 2001 at 11:25:18PM %2B0300
References:  <200101052002.NAA29203@faith.cs.utah.edu> <002f01c07753$af808400$0c00a8c0@ipform.ru> <20010105122014.H15744@fw.wintelcom.net> <005601c07755$b0604ac0$0c00a8c0@ipform.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
* Artem Koutchine <matrix@ipform.ru> [010105 12:27] wrote:
> 
> > * Artem Koutchine <matrix@ipform.ru> [010105 12:12] wrote:
> > >
> > > >   A final solution is simply to encrypt all sensitive traffic at the
> > > > application layer.  Use SSL for http/pop3/etc.  Use SSH for remote
> > > > access.  Etc.  Not perfect, but works.
> > >
> > > Nope, dsniff breaks SSL and SSH1.
> >
> > What's wrong with using SSH2?  You can use port forwarding over
> > remote localhost to do it:
> 
> Hmm.. How do i do that on a Win9x box? How do i make use SSH2
> when connecting to a POP3/SMTP/HTTP?

The diagram should be pretty explanitory, you get an ssh client that
will do port forwarding.  You then configure it to forward local
port pop3 to remote host pop3, so what basically happens is that you
connect to yourself when using pop3/smtp, ssh will listen on the
port and forward the connection to remotehost:pop3/smtp.

as far as HTTP, your users need to use SSL, and be wary of messages
that the key isn't signed properly.

please don't cross post to both security and questions.

-- 
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010105123133.I15744>